Since the symmetric key is encrypted like this, it can only be decrypted using the server's private key. The client uses the server's public key to encrypt a rather long random key for a symmetric algorithm at the start of each encrypted session. The server has a key pair that consists of a world-readable public key and a securely stored (and inaccessible to anyone but the server itself) private key. The public key is widely accessible to "everyone" while the private key is stored securely and only used by its owner. Assuming a sufficiently strong algorithm, whatever is encrypted with the public key can only be encrypted with the private one and vice versa. Those involve two keys, rather than one, a public key and a private key. Public Key Cryptography is based on asymmetric encryption algorithms. I will add some more information in layman terms, mostly ripped off from the two links above, to make things a bit more clear. See also the Wikipedia article on TLS for more information.
You would need the private keys of the server in order to descrypt an SSL session and in normal situations it is quite hard to acquire those.
Said public keys are accessible, but they cannot be used to decrypt the session packets because the encryption algorithm is not symmetric. What you have in your browser key-store is the certificates that will verify the validity of the public keys of the server. That is the whole point of Public Key Cryptography on which SSL is based. No, you cannot decrypt HTTPS/SSL sessions from a network capture, even if you do have the certificates.
0 kommentar(er)
